Search Results - RepositoryStats

579

2.7k

apache-2.0

69

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Created 2013-07-16

5,577 commits to master branch, last one 2 days ago

scancode-toolkit aboutcode-org

552

2.1k

unknown

71

:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nl...

Created 2015-07-01

11,324 commits to develop branch, last one 8 days ago

pay pay-rails

316

2.0k

mit

32

Payments for Ruby on Rails apps

pay sca rails engine paddle stripe payments braintree subscription hacktoberfest payment-provider

Created 2017-02-01

1,763 commits to main branch, last one a day ago

murphysec murphysecurity

172

1.7k

apache-2.0

26

An open source tool focused on software supply chain security. 墨菲安全专注于软件供应链安全，具备专业的软件成分分析（SCA）、漏洞检测、专业漏洞库。

sca scanner codescan security dependency software-supply-chain vulnerability-detection software-composition-analysis

Created 2022-03-16

1,427 commits to v3 branch, last one 5 days ago

ort oss-review-toolkit

313

1.6k

apache-2.0

40

A suite of tools to automate software compliance checks.

Created 2017-10-19

16,763 commits to main branch, last one 12 hours ago

OpenSCA-cli XmirrorSecurity

115

1.1k

apache-2.0

154

OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the ...

sca sbom spdx swid security cyclonedx devsecops static-analysis vulnerabilities license-compliance software-supply-chain software-bill-of-materials software-composition-analysis software-supply-chain-security

Created 2021-12-30

990 commits to master branch, last one about a month ago

dep-scan owasp-dep-scan

98

1.0k

mit

17

OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container ima...

cve sca vex sbom cyclonedx devsecops compliance containers risk-audit security-audit security-tools dependency-audit dependency-analysis reachability-analysis supply-chain-security vulnerability-scanners

Created 2020-01-28

388 commits to master branch, last one a day ago

log4j-detector mergebase

98

638

other

28

A public open sourced tool. Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instan...

sca log4j pentest scanner detector log4shell cybersecurity cve-2021-44228 cve-2021-45046 cve-2021-45105 vulnerability-scanner

Created 2021-12-12

101 commits to master branch, last one 2 years ago

cdxgen CycloneDX

156

584

apache-2.0

17

Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submission t...

bom oci sca cbom purl sbom owasp docker saasbom cyclonedx containers package-url supply-chain software-bill-of-materials

Created 2019-12-30

1,411 commits to master branch, last one a day ago

ant-application-security-testing-benchmark alipay

45

347

apache-2.0

8

xAST评价体系，让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".

sca dast iast sast testing security benchmark evaluation application

Created 2022-12-26

189 commits to main branch, last one 11 days ago

grepmarx Orange-Cyberdefense

23

204

mit

5

A source code static analysis platform for AppSec enthusiasts.

sca sast appsec security

Created 2023-01-06

411 commits to main branch, last one about a month ago

cloud-validation-framework prancer-io

29

122

mpl-2.0

102

prancer platform is an IaC Security engine + Continuous Compliance for your cloud (Azure, AWS, GCP) and Kubernetes environment

iac sca cloud security governance cloudsecurity

Created 2019-02-04

2,130 commits to master branch, last one 5 months ago

scancode.io aboutcode-org

88

119

apache-2.0

14

ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabas...

sca purl spdx docker license scancode cyclonedx open-source package-url foss-compliance virtual-machine vulnerabilities software-composition-analysis

Created 2020-09-10

1,046 commits to main branch, last one a day ago

vulnerability-db AppThreat

23

100

mit

7

Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.0, purl, and vers.

cli cve nvd sca purl vers database advisories vulnerability-database vulnerability-detection

Created 2020-01-20

241 commits to master branch, last one 7 days ago

mosec-maven-plugin momosecurity

21

100

apache-2.0

3

用于检测maven项目的第三方依赖组件是否存在安全漏洞。

sca maven maven-plugin security-tools dependency-management

Created 2020-07-29

31 commits to master branch, last one 2 years ago

awesome-sca hysnsec

29

98

cc0-1.0

9

A curated list of Software Component Analysis (SCA) books, courses - free and paid, videos, tools, and tutorials.

sca snyk component-analysis practical-devsecops vulnerability-databases software-composition-analysis

Created 2021-05-29

9 commits to main branch, last one 2 years ago

cycode-cli cycodehq

45

85

mit

17

Boost security in your dev lifecycle via SAST, SCA, Secrets & IaC scanning

sca code sast cycode secure secrets security

Created 2022-07-04

259 commits to main branch, last one 23 hours ago

clj-watson clj-holmes

9

84

epl-2.0

4

clojure deps SCA

sca clojure security dependency

Created 2021-12-24

118 commits to main branch, last one 2 months ago

pyecsca J08nY

15

56

mit

8

Python Elliptic Curve Side-Channel Analysis toolkit.

ecc sca side-channel side-channel-attacks elliptic-curve-cryptography

Created 2019-03-14

754 commits to master branch, last one a day ago

Log4j-CVE-Detect darkarnium

6

34

bsd-3-clause

3

Detections for CVE-2021-44228 inside of nested binaries

sca binary devops python security detection cve-2021-44228 cve-2021-45046

Created 2021-12-11

20 commits to main branch, last one 2 years ago

ryzesca m-sec-org

8

33

gpl-3.0

1

RyzeSCA 是M-SEC社区一款强化 DevSecOps 的软件成分分析工具，能在软件开发过程中分析和管理开源组件的安全风险。

sca devsecops

Created 2023-12-27

4 commits to main branch, last one 11 months ago

java-application-security-practices ionutbalosin

4

26

unknown

4

Application security best practices and code implementations for Java developers. This project is intended for didactic purposes only, supporting my training course.

csp sca cors dast jwks sast api-security password-flow json-web-key-set security-logging security-testing oauth-grant-types token-introspection java-process-security authorization-code-flow client-credentials-flow roles-based-access-control security-design-principles authorization-code-flow-with-pkce

Created 2024-10-09

51 commits to main branch, last one 11 days ago

dejacode aboutcode-org

8

25

agpl-3.0

8

Automate open source license compliance and ensure software supply chain integrity

sca purl spdx license scancode cyclonedx open-source package-url foss-compliance vulnerabilities

Created 2023-12-07

151 commits to main branch, last one 2 days ago